Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json)
Hash identifier: rqPBHJSdD9IYbn9kYYTJxKpEsNExvDG/T23+Jd+KcDE=
Subject key identifier: 30:2B:4A:D5:85:04:E9:95:CA:07:76:92:EF:22:21:5C:D6:88:C6:9F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 372BBAF3210F1FE4264EF37671155D08FE627209
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
Signing time: Fri 11 Jul 2025 20:20:56 +0000
ROA not before: Fri 11 Jul 2025 20:20:56 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:2b:ba:f3:21:0f:1f:e4:26:4e:f3:76:71:15:5d:08:fe:62:72:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 20:20:56 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=2f0dfee5a9399802b010d57ea518ae1dd481682a71903abc25b4ee37e4990789, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:68:4e:d5:c9:4a:4b:b2:28:2c:1d:98:09:f5:
43:7a:b1:79:9d:74:31:6a:01:e8:30:4e:0b:21:f5:
b8:b0:c5:45:e5:77:b5:0c:8f:9c:9e:5b:fb:d5:02:
7d:d0:34:a4:8c:9e:70:05:55:d3:42:f5:8e:f7:f9:
da:20:ff:7c:8d:3d:e5:a3:67:33:72:8c:e6:bd:4e:
7a:a4:ae:e0:a8:ea:4d:b3:5a:8b:cd:d6:cc:3f:3d:
5f:15:af:87:23:d5:68:3f:20:7f:48:b8:9a:9b:82:
ac:4d:98:59:62:ac:67:15:d2:1e:76:b1:f4:39:62:
74:af:66:d7:dc:65:c6:8f:f7:cc:0c:11:40:dc:d3:
25:1e:e2:53:a5:f5:4f:b7:5d:e9:68:68:64:61:b4:
53:39:dc:e0:c5:0a:5a:a9:a5:c0:28:a2:91:cf:f1:
0d:56:dd:bb:2d:4f:fd:61:8d:cd:e5:40:be:40:08:
7f:ea:d4:c8:08:19:3a:70:8d:ef:22:e1:72:c1:a0:
06:7a:bd:50:44:e2:98:05:b0:66:68:0a:15:3d:0d:
32:b2:e6:04:e9:26:52:2c:49:17:24:5a:f9:73:53:
e1:14:9a:47:4a:9a:f4:5a:7a:6d:73:44:f5:cf:1b:
9f:74:2b:32:48:9f:3b:1c:0f:0e:2b:c8:bf:da:e1:
40:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2B:4A:D5:85:04:E9:95:CA:07:76:92:EF:22:21:5C:D6:88:C6:9F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:e000::/40
Signature Algorithm: sha256WithRSAEncryption
43:28:3f:a7:b9:27:6b:67:c8:99:f3:3f:f7:17:aa:cd:0e:7f:
16:eb:fd:48:6e:9d:41:62:2f:e5:52:52:29:70:9e:a1:44:3b:
fd:51:30:5c:5d:30:3b:ea:cb:25:ca:61:52:db:94:1e:55:fe:
64:c6:e8:df:95:9b:74:dc:61:50:1a:4f:9b:d9:d0:e8:6d:0c:
f4:32:4f:ff:1d:9e:38:7e:c8:d5:3f:6b:af:bc:b4:5d:9a:03:
94:ce:5c:bc:31:53:b2:ea:c2:5c:e2:04:1c:43:f9:5f:bd:5c:
79:b5:f6:ba:71:c0:41:28:1b:6a:27:b3:8f:52:0e:36:a7:0c:
fb:86:85:11:d6:5d:a1:2e:bd:02:d4:96:ce:98:30:38:0b:70:
0d:7a:26:59:54:48:ff:75:c9:a2:4c:fb:3f:19:9d:30:01:8a:
28:9a:63:90:b9:f0:d4:8c:f2:37:36:b5:2d:d0:af:9a:8f:08:
71:a2:4c:66:de:01:5f:fc:a2:fe:34:01:73:05:df:a6:49:a6:
2f:d3:c7:f2:0e:35:1d:25:77:2b:81:2f:77:b4:7e:b5:3f:ac:
13:65:e1:42:08:79:2e:c0:b8:87:d6:ac:2b:c3:7a:ad:73:3a:
22:85:81:9f:38:5a:8c:94:6e:e3:b1:b6:3a:68:52:70:81:e1:
51:f6:7d:59
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNyu68yEPH+QmTvN2cRVdCP5icgkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTEyMDIwNTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMGRmZWU1YTkzOTk4MDJiMDEwZDU3ZWE1MThhZTFkZDQ4MTY4MmE3MTkw
M2FiYzI1YjRlZTM3ZTQ5OTA3ODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIpoTtXJSkuyKCwdmAn1Q3qxeZ10MWoB6DBOCyH1uLDFReV3tQyPnJ5b+9UC
fdA0pIyecAVV00L1jvf52iD/fI095aNnM3KM5r1OeqSu4KjqTbNai83WzD89XxWv
hyPVaD8gf0i4mpuCrE2YWWKsZxXSHnax9DlidK9m19xlxo/3zAwRQNzTJR7iU6X1
T7dd6WhoZGG0Uznc4MUKWqmlwCiikc/xDVbduy1P/WGNzeVAvkAIf+rUyAgZOnCN
7yLhcsGgBnq9UETimAWwZmgKFT0NMrLmBOkmUixJFyRa+XNT4RSaR0qa9Fp6bXNE
9c8bn3QrMkifOxwPDivIv9rhQE0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQwK0rV
hQTplcoHdpLvIiFc1ojGnzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg
MA0GCSqGSIb3DQEBCwUAA4IBAQBDKD+nuSdrZ8iZ8z/3F6rNDn8W6/1Ibp1BYi/l
UlIpcJ6hRDv9UTBcXTA76sslymFS25QeVf5kxujflZt03GFQGk+b2dDobQz0Mk//
HZ44fsjVP2uvvLRdmgOUzly8MVOy6sJc4gQcQ/lfvVx5tfa6ccBBKBtqJ7OPUg42
pwz7hoUR1l2hLr0C1JbOmDA4C3ANeiZZVEj/dcmiTPs/GZ0wAYoommOQufDUjPI3
NrUt0K+ajwhxokxm3gFf/KL+NAFzBd+mSaYv08fyDjUdJXcrgS93tH61P6wTZeFC
CHkuwLiH1qwrw3qtczoihYGfOFqMlG7jsbY6aFJwgeFR9n1Z
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:50:30 2025 by rpki-client